diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
index 118aa92fa6..60ee705cef 100644
--- a/daemon/libvirtd.c
+++ b/daemon/libvirtd.c
@@ -91,7 +91,9 @@
 
 #include "configmake.h"
 
+#if HAVE_SASL
 virNetSASLContextPtr saslCtxt = NULL;
+#endif
 virNetServerProgramPtr remoteProgram = NULL;
 virNetServerProgramPtr qemuProgram = NULL;
 
@@ -560,6 +562,7 @@ static int daemonSetupNetworking(virNetServerPtr srv,
         }
     }
 
+#if HAVE_SASL
     if (config->auth_unix_rw == REMOTE_AUTH_SASL ||
         config->auth_unix_ro == REMOTE_AUTH_SASL ||
         config->auth_tcp == REMOTE_AUTH_SASL ||
@@ -569,6 +572,7 @@ static int daemonSetupNetworking(virNetServerPtr srv,
         if (!saslCtxt)
             goto error;
     }
+#endif
 
 #if HAVE_POLKIT0
     if (auth_unix_rw == REMOTE_AUTH_POLKIT ||
@@ -745,8 +749,10 @@ static int remoteConfigGetAuth(virConfPtr conf, const char *key, int *auth, cons
 
     if (STREQ(p->str, "none")) {
         *auth = VIR_NET_SERVER_SERVICE_AUTH_NONE;
+#if HAVE_SASL
     } else if (STREQ(p->str, "sasl")) {
         *auth = VIR_NET_SERVER_SERVICE_AUTH_SASL;
+#endif
     } else if (STREQ(p->str, "polkit")) {
         *auth = VIR_NET_SERVER_SERVICE_AUTH_POLKIT;
     } else {
diff --git a/daemon/remote.c b/daemon/remote.c
index 9e6cf77f27..288990855e 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -1653,6 +1653,7 @@ cleanup:
 }
 
 
+#ifdef HAVE_SASL
 /*
  * Initializes the SASL session in prepare for authentication
  * and gives the client a list of allowed mechanisms to choose
@@ -1969,6 +1970,49 @@ error:
     virMutexUnlock(&priv->lock);
     return -1;
 }
+#else
+static int
+remoteDispatchAuthSaslInit(virNetServerPtr server ATTRIBUTE_UNUSED,
+                           virNetServerClientPtr client ATTRIBUTE_UNUSED,
+                           virNetMessageHeaderPtr hdr ATTRIBUTE_UNUSED,
+                           virNetMessageErrorPtr rerr,
+                           remote_auth_sasl_init_ret *ret ATTRIBUTE_UNUSED)
+{
+    VIR_WARN("Client tried unsupported SASL auth");
+    virNetError(VIR_ERR_AUTH_FAILED, "%s",
+                _("authentication failed"));
+    virNetMessageSaveError(rerr);
+    return -1;
+}
+static int
+remoteDispatchAuthSaslStart(virNetServerPtr server ATTRIBUTE_UNUSED,
+                            virNetServerClientPtr client ATTRIBUTE_UNUSED,
+                            virNetMessageHeaderPtr hdr ATTRIBUTE_UNUSED,
+                            virNetMessageErrorPtr rerr,
+                            remote_auth_sasl_start_args *args ATTRIBUTE_UNUSED,
+                            remote_auth_sasl_start_ret *ret ATTRIBUTE_UNUSED)
+{
+    VIR_WARN("Client tried unsupported SASL auth");
+    virNetError(VIR_ERR_AUTH_FAILED, "%s",
+                _("authentication failed"));
+    virNetMessageSaveError(rerr);
+    return -1;
+}
+static int
+remoteDispatchAuthSaslStep(virNetServerPtr server ATTRIBUTE_UNUSED,
+                           virNetServerClientPtr client ATTRIBUTE_UNUSED,
+                           virNetMessageHeaderPtr hdr ATTRIBUTE_UNUSED,
+                           virNetMessageErrorPtr rerr,
+                           remote_auth_sasl_step_args *args ATTRIBUTE_UNUSED,
+                           remote_auth_sasl_step_ret *ret ATTRIBUTE_UNUSED)
+{
+    VIR_WARN("Client tried unsupported SASL auth");
+    virNetError(VIR_ERR_AUTH_FAILED, "%s",
+                _("authentication failed"));
+    virNetMessageSaveError(rerr);
+    return -1;
+}
+#endif